DataQuest – a malicious Mac application that is typically installed via fake Flash updates
DataQuest is malware that delivers other unwanted software behind users' backs
DataQuest is an adware that reaches macOS users after they get trick to install fake Flash Player updates or during the installation of unsafe applications from third-party sites. The app belongs to belongs to the prominent Adload campaign – an interconnected network of malicious apps that abuse a built-in AppleScript to deliver additional malicious payloads without user notification. As a result, victims' computers become more infected over time, and only proper computer cleaning can stop the background activities of the DataQuest virus.
Due to the stealthy activity of DataQuest and other applications that might have been inserted without permission, users might not notice the infection immediately. Nevertheless, some of the symptoms may be visible right away, such as modified web browser settings of Safari, Google Chrome, and Mozilla Firefox. As a result, users can face redirects to various scam sites, pop-up notifications from the macOS like “Utility will damage your computer,” increased amount of ads on all websites, a slowdown of the machine, suspicious extensions installed without permission, etc.
|Type||Mac virus, adware|
|Infiltration||Users might get infected with malware after being tricked by fake update prompts that are encountered on scam websites, or during the installation of freeware acquired from unsafe third-party websites|
|Symptoms||Symptoms of the infection might vary from person to person, although typical signs include unknown installed apps or/and extensions, slowdown of the web browser, redirects bring to unknown sites, ads show up on all visited websites, etc.|
|Risks||Installation of other malicious software without notification, unsolicited information gathering the background, financial losses due to unwanted activities|
According to Virus Total, DataQuest is detected under the following names:
|Malware termination||You can try to get rid of the infection manually, although moving suspicious apps to trash might not be enough, as you will have to find all the malicious files yourself. Instead, you can employ anti-malware software to get rid of malware automatically|
|Optimization||To speedup your macOS and get rid of junk files automatically, employ optimization tool Reimage Reimage Cleaner Intego|
Security researchers note that adware has been a growing threat to Mac users. According to experts' reports, Mac malware is now outpacing Windows infection rate,, and one of the major portions of the infections belongs to adware. While DataQuest can be considered as ad-supported software, its distribution and operation methods are much closer to those of malware.
The principle of DataQuest virus activity is very primitive – it is concentrating on delivering users ads, such as pop-ups, deals, offers, banners, in-text links, coupons, and other commercial content. While in some cases, these ads might be marked by an app or a service it is being delivered from, it is highly unlikely to see “Ads by DataQuest” or “Powered by DataQuest” or similar indicators.
When DataQuest is trying to display ads, it will attempt to connect to unknown domains in the background. This way, the pop-ups, and other ads can be called up when users are browsing the web. This activity may considerably slow down the web browser, and some websites may fail to load entirely. If the slowdowns continue after DataQuest removal, are probably low on space due to funk files – you can get rid of those with tools like Reimage Reimage Cleaner Intego.
Although the symptoms of DataQuest infection vary, you may see the following signs of the infection:
- Unknown browser extensions added on the web browser (often cannot be removed in a regular way);
- Scareware apps like Advanced Mac Cleaner or Mac Cleanup Pro installed on the system;
- The homepage, new tab address, and the search engine are set to something else;
- Browser redirects bring to scam, phishing, spoofing, fake update, and similar dangerous websites;
- Some websites might fail to load.
Besides these relatively obvious symptoms, there is a lot that the DataQuest adware can do in the background. One of the main activities that should be concerning is data gathering. Considering that the malware gains elevated permissions on the system, some of the browser extensions might be set to gather all the information you type into your web browser. Besides, adware also usually collects non-personally identifiable information as well, including the IP address, ISP, links clicked, sites visited, search queries, technical details, installed apps, etc.
DataQuest might insert intrusive advertisements on all visited websites and change web browser settings without permission
You should remove DataQuest from your machine as soon as possible, as its deceptive operation might lead to multiple severe consequences, including monetary loss, privacy issues, or even identity fraud. Keep in mind that the app might also be a sign that other threats are already present on the machine, including the notorious Shlayer Trojan.
Ways to recognize fake updates and other tips on how to avoid adware and malware on Macs
For many years, Mac power users and even IT experts claimed that Mac malware does not exist, and there is no need to employ any third-party security tools in order to protect it. According to them, the built-in defenses like GateKeeper and XProtect are more than enough – and they would be correct several years ago. Most of Mac malware nowadays utilize various techniques to bypass these defenses, such as using fake digital signatures that would circumvent GateKeeper's functionality. Additionally, users can always grant permission for malicious files to make changes to the system once they are tricked by a sophisticated phishing alert online.
Thus, it is important to know how Mac malware spreads in order to avoid it in the future. Two main methods are used by cybercriminals:
- Fake Flash updates. This technique is well-known to cybersecurity experts and many regular users, as it has been employed for years. Flash is a plugin that allowed multimedia to be delivered to users from various sites, and they would often see the “Flash required” prompts everywhere. While the technology was long replaced by HTML 5 in 2014, and practically all websites got rid of the flawed Flash Player. Nevertheless, because the plugin is so embedded in users' memories, they still believe that they need it. All in all: do not ever click on Flash update prompts on various sites, as they are fake, and you do not need the plugin as a regular user in the first place.
- Software bundles. Apple Store currently holds more than 1.8 million applications, so there is a good reason to limit downloads from there. Nevertheless, third-party sites often host installers that compile multiple programs – these are often deliberately hidden using various techniques, such as pre-ticked boxes, misleading deals, etc. Thus, always pick Advanced/Custom settings instead of Recommended/Quick ones and get rid of ticks that would otherwise allow the installation of media players, extensions, and other unwanted programs.
In most cases, users get infected with DataQuest malware after they get tricked by fake Flash Player update
Get rid of DataQuest malware
To remove the DataQuest virus from your machine, taking it to Trash will most likely not suffice. In some cases, you might not even find the app inside the Applications folder at all, as it can be functioning with the help of other persistence techniques. Some malicious files that are dropped on Mac can continue the unwanted activities even after the main app is terminated. Therefore, to get rid of the adware manually, you should also check the following locations for suspicious .plist and other files:
If you do not want to tamper with files inside your computer, you can perform automatic DataQuest removal with the help of security software. Simply download reputable anti-malware on your system and perform a full system scan – this will also eliminate all the underlying threats you might not be aware of. Finally, reset all the installed web browsers in order to eliminate unwanted browser extensions or settings.
You may remove virus damage with a help of Reimage Reimage Cleaner Intego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.
To remove DataQuest, follow these steps:
Remove DataQuest from Mac OS X system
Get rid of DataQuest malware by following these steps:
- If you are using OS X, click Go button at the top left of the screen and select Applications.
- Wait until you see Applications folder and look for DataQuest or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash.
Erase DataQuest from Mozilla Firefox (FF)
Remove dangerous extensions
Open Mozilla Firefox, click on the menu icon (top right corner) and select Add-ons → Extensions.
- Here, select DataQuest and other questionable plugins. Click Remove to delete these entries.
Reset Mozilla Firefox
Click on the Firefox menu on the top left and click on the question mark. Here, choose Troubleshooting Information.
- Now you will see Reset Firefox to its default state message with Reset Firefox button. Click this button for several times and complete DataQuest removal.
Uninstall DataQuest from Google Chrome
Delete malicious plugins
Open Google Chrome, click on the menu icon (top right corner) and select Tools → Extensions.
- Here, select DataQuest and other malicious plugins and select trash icon to delete these entries.
- Click on menu icon again and choose Settings → Manage Search engines under the Search section.
- When in Search Engines..., remove malicious search sites. You should leave only Google or your preferred domain name.
Reset Google Chrome
Click on menu icon on the top right of your Google Chrome and select Settings.
- Scroll down to the end of the page and click on Reset browser settings.
- Click Reset to confirm this action and complete DataQuest removal.
Delete DataQuest from Safari
If you found unwanted browser extensions on Safari that you cannot get rid of – reset the browser:
Remove dangerous extensions
Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences.
- Here, select Extensions and look for DataQuest or other suspicious entries. Click on the Uninstall button to get rid each of them.
Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari....
- Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete DataQuest removal process.